this post was submitted on 10 Nov 2023
518 points (98.9% liked)

Technology

59693 readers
2363 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

EU Article 45 requires that browsers trust certificate authorities appointed by governments::The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from...

you are viewing a single comment's thread
view the rest of the comments
[–] MeanEYE@lemmy.world 0 points 1 year ago (1 children)

Well, like I wrote in other comment of mine. Governments here issue personal certificates signed by government ones. These personal certificates can then be used to digitally sign documents and tax reports. It can be used to log into government web sites and many similar uses. These certificates that EU says browsers have to accept are the same ones everyone already uses for biometric passports. If browser accepted these root certificates, then things would be significantly easier to support. No software installation required.

People seem to think this will be used for nefarious cases, but in reality people just install government issued software without thinking. Well, any software without thinking. During that installation you can already add certificate to browser and whole OS. It's just easier and better supported if they go through public way instead of having to support multiple OS installations and similar issues.

[–] ShunkW@lemmy.world 1 points 1 year ago (1 children)

Yeah that argument holds zero water. Forcing browsers to trust these roots means not only pre-trusting them, but disallowing removal of trust. This is completely intended for surveillance purposes.

[–] MeanEYE@lemmy.world 0 points 1 year ago (1 children)

Removal of trust happened many times in the past. And like I said, it's not changing anything other than making things easier. You can still add certificates to the browser trusted list if you have access to the person's computer, which when you install any software you do. Perhaps the best middle ground would be to add certificates but make them conditional that is to say ask the user what they want to do and offer multiple options. Trust for this domain only, trust always, just this time, don't trust.

[–] ShunkW@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

The current text of Article 45 requires that browsers trust CAs appointed by governments

Tell me you didn't read the article without telling me you didn't read the article. You can keep shilling for government surveillance if you want, but I'm done listening.

[–] MeanEYE@lemmy.world 0 points 1 year ago (1 children)

Am not shilling, am merely pointing out there are easier ways to spy on people without putting it through legal channels.

[–] ShunkW@lemmy.world 0 points 1 year ago (1 children)

And another pointless argument. "They could spy on you easier means they're not."

I know I said I was done, but good lord. I can't tell if you are trying to troll or you're completely devoid of logic or reason.

[–] MeanEYE@lemmy.world 1 points 1 year ago

Okay, so you officially refuse to think and just want to wear a tinfoil hat. Good luck with that. Leave the rest of us out of it. Seeing conspiracy theories everywhere and then go online to argue and paying for bills pretty much negates everything you say.